Key government services were taken offline over the weekend after the discovery in a pub car park of a pocket storage device containing details of the Government Gateway. The Gateway is intended to provide a central secure login service for a range of government systems, including tax credits and self assessment, so taking it …

Details sketchy...

...but reading between the lines it looks like whatever was on this storage key were log in details shared between more than one system or person...

Security 101... You don't share log on information between more than one system/user... That way when you *do* loose the info, you can just cancel one account and not have to wipe out the entire system for a weekend.

"Just a matter of time"

Small things.....

Loosing things is human, the smaller the object the easier it is to loose. Put people under pressure and things will be forgotten, misplaced, not put away.

But then who would be stupid enough to put passwords on a USB stick, and how would, if the stick was encrypted, you know they were passwords for the government gateway.

That kind of password should be on paper, locked in a safe. Mind you if they are operational passwords, better on an encrypted stick than on a bit of folded paper in a wallet, or black & red.

BTW - a lot of admins have to know the admin passwords for multiple systems, before you start to criticise people for writing them down, how many 12 digit randomly generated passwords can you remember. I'm glad I don't have to remember.

Oh and it wouldn't matter which political party was in power, this would still happen, because it's a function of being human, not of process or procedure.

If it was encrypted...

Sigh.

"The Gateway is intended to provide a central secure login service for a range of government systems, including tax credits and self assessment, so taking it offline paralyses these too, before you can say 'single point of failure'."

The mind boggles ...

Occasionally, as I continue to learn and teach, I find someone capable of understanding the complexity of this new interconnectedness that exists, whether we like it or not.

To date, I have seen no evidence that any government gets it. Most large companies don't have a clue, either. For whatever reason, "marketing" seems to be in charge.

Not Quite to type

It is unlike ATOS Origin to be so careless with data.

A few years ago, there was a spate of violent muggings, some involving the theft of laptop computers, from a railway station frequented by personnel from ATOS Origin and one of its clients. Employees of the client company received a memo giving them advice about personal safety. Employees of ATOS Origin received a memo reminding them of the steps they needed to take to keep their data secure.

Mine's the one with the encription keys on the same ring as the car keys.

@dervheid

Re: The single point of failure

"By N Posted Monday 3rd November 2008 10:00 GMT

Is those dolts residing in downing street & the soon we get rid of Gordon Clown and his pack of idiots the better"

I get the feeling you think the *other chaps* have never lost any personal information of their 56-60m subjects! I think yet another idiot needs to look at history beyond the newspapers and websites. Be sure you understand this: ALL THE PARTIES ARE THE SAME. So using your twisted political view to take over the discussion about incompetent civil servant outsourcing wont wash, chump.

PS, if Gordon were replaced by the other Monkey Team, this non-gov business: ATOS would still be in place with its contract! Starting to notice that predominantly this is the private sector (under contract to the Gov) that is losing this data? Thought not, but its true none the less!

Its about time some of you started to see beyond... ohhh blame the Gov, its always their fault. The truth is that its not always their fault (although its always their responsibility I must admit).

Single Sign On

@Steve - the entire concept of the GG is single online identity, single sign on. With that identity, you enroll into various government services to use them. Departments then use GG as a centralised authentication and authorisation facility.

Whilst renewing a drivers licence, or submitting a tax returns may not be particularly exciting, there are more sensitive services, such as ContactPoint. The idea of a user being enrolled into that service via the backdoor thus avoiding the various checks is quite concerning given the vast amount of personal data about children that the government are storing there.

Where the identity gives you access to a service, that is one thing. When the identity gives you access to large tracts of data, this is something else.

superb timing

The deadline for the submission of Self-Assessment Tax Returns on paper was 31st Oct, having been brought forward this year without huge fanfare. Between now and 31st January only a return submitted online will avoid a £100 penalty.

@ Alan Fisher

Hmm.. Perceptions

Confusing from the article to know if the USB stick was encrypted. As far as I can see, it wasn't at all!

If it was, it'd be fine (ish). The Integral USB stick shown in the pic isn't an encrypted version, so the encryption is shown to be dealing with the system. Let's face it, if you have the source code of the system, the encryption will fall pretty quickly. But we'll leave Mr. "Erasmus" to tell us that..

No governmental USB stick should be unencrypted, regardless of cost.. in fact ALL business USB sticks should be encrypted (gov, or otherwise)

re: Re: The single point of failure

How the FUCK does "the other side would have done it too" mean that we can't blame this government?

How about this, you retarded piece of putrid offal: SACK THIS GOVERNMENT. Then, of "the other side does it too" SACK THEM TOO!. When you sack them, remove all their pension from any government source. They fucked up big time.

After a while, neither side will do this sort of shit because they know they'll get sacked and have no pension.

Your way, they don't improve their act because there's no downside to being incompetent in government.

PS You REALLY looove Maggie. Else you would not be obsessing over her 20 years after she's left. FFS.

@AC (Not Maggie's Mate)

"Its about time some of you started to see beyond... ohhh blame the Gov, its always their fault. The truth is that its not always their fault (although its always their responsibility I must admit)."

The truth is that they are still planning more and more databases with my data held on them and with a track-record that is ludicrous. This is why people blame this government. It's not the loss of data that they're to blame for (though giving contracts to the lowest bidder is hardly the way we get quality now, is it?), it's the plans to lose more data that's pissing everybody off, including myself but not including you apparently.

Strange how somebody who supports the government (or at least doesn't condemn the government) over this issue should choose to remain anonymous. Are you scared we're gonna lose your data? If you value your anonymity then vote for a Government that won't waste taxpayers money on huge and unworkable centralised databases. Otherwise, just post all of your details here, your name, address, banking details, date of birth and mother's maiden name and I promise that we will look after it better than this present government ever could.

If you've nothing to hide then you've nothing to fear but if you have nothing to fear then you're either stupid or incredibly naive.

@Mark

That's a pretty naive view from you as well as the OP. I would have thought that, if anything, Maggie taught us that sometimes, even when we want them out, it's too late when we can get them out. Just ask all the miners who lost their livelihoods. A lot of things should be looked at when deciding on who to vote for, and many of those things will be ignored. The idea of "get them out and get the others in" just to see what will happen is incredibly dangerous, especially when Mr. Cameron doesn't really have a single policy that is more elaborate than a headline. While I don't feel that I could vote Labour, because I felt betrayed by the war in Iraq, I do respect Gordon Brown for the work he has done rebuilding our economy (as does a large majority of the developed world), and I think the real problem are the people who have advised someone who was always going to be someone who listened to advisers over insinct (which I generally think is a good thing). Jacqui Smith and Ian Blair have given us a country that is run on fear, and have given us technological solutions worked out by people with no techonlogical knowledge. On the other hand you have people who are going to look at the economy, try to implement huge savings for people, and use money that we just don't have, and expect not to destroy our economy. It's what the Tories did before, and it's what they seem to be suggesting they'll do again. I remember Brown being pulled up on small discrepancies in his budget, and it making national news. Cameron has huge discrepancies, and all people can see is that they don't like what's happening right now, so it has to change. This severely worries me, especially in the current climate. Personally, I'm far more interested in the Lib Dems than either of the two main parties (and I have been a reasonably staunch Labour supporter for most of my life), because they offer policies that don't threaten to turn us into a police state, offer sensible policies on stopping our illegal wars, and also offer in-depth policies on what they will do funding-wise, with actual figures to back them up. Neither of the other two parties comes anywhere close to offering any of this.

@Small things....

" BTW - a lot of admins have to know the admin passwords for multiple systems, before you start to criticise people for writing them down, how many 12 digit randomly generated passwords can you remember. I'm glad I don't have to remember."

I have to do it all the time.... and i don't write them down, although the passwords i have to remember tend to only be 8-10 digit alphanumeric, so maybe htats easier... as well as the corresponding usernames and ip addresses of the servers, maybe thats why i've never been fired, or suffered any data loss..... yet.....

Truecryptards

Truecrypt is great and I've used it to protect information when I haven't been offered something else - just to avoid being "that employee" if my laptop was nicked. But it is not accreditted by CESG for protecting UK government data at either baseline or enhanced level, so saying that such-and-such a civil servant or this-and-that private contractor should just download the panacea to all their problems is not correct.

Its pretty crap because anybody voluntarily using Truecrypt should be applauded not discouraged. The real issue is that UK Gov aren't on top of it and basically just recommend 3rd party products.

@AC with tax helpdesk - i thought you should be able to do a reset using your known facts, and I'm fairly sure that KFs aren't supposed to be used as passwords.

Everyone has missed the real story here

In the Daily Mail article, the accompanying screenshot of a browser window includes a bookmark in the bookmarks toolbar for a site called 'Doggahs.' - I have no intention of googling that, but I am left wondering why the art department at the Daily Mail might be frequent visitors. Someone should start a sensationalist moral campaign about that, surely!

Pointless...

Most of the Government systems are antiquated There are still systems on DOS 6 / Windows 3.11, Windows NT4 amongst others - and no plans to replace them. There's so many security holes without needing passwords that all this talk of encryption products is stuff and nonsense.

It was where?

We should rejoice. Normally anything remotely advanced - for example the wheel - is regarded by the locals as black magic and summarily hung drawn and quartered.

Cannock is several dozen square miles of population but only four different surnames. A place where signs above the boundary markers say 'There Be Witches'. A place where burning crucifixes appear at night, the girls start shaving long before the boys, and where Sunny Delight is considered a health drink.

Believe me, this so-called device was safe and sound in cannock. No chance of it being hacked or broken into without a hammer being involved there.

@ Paul Buxton

"[Government ministers] want to keep their own details off all of the planned national databases"

I'm willing, once again, to bet a jelly donut that even the ministers in their lofty offices are going to be in for some rude surprises. Instead of actually purging their information from various databases, simple booleans will be set to indicate "invisible data", so when ministers leave office, all their data is easily restored.

Programmers being what they are (esp. the outsourcees) they won't always follow the prescribed logic in generating reports, so ministerial secrets (size of underclothing, preferred brand of personal lubricant, eyeglass prescription, dates when hair was cut) will pop out into view sporadically. And if the hackers penetrate the DBs, no secrecy at all.

And since the current UK government knows no limits to its sheer snoopiness, you may be sure that we'll even discover how many pairs of red lace crotchless panties Mad Jacqui owns.

Stay tuned. The show will be even funnier than the Saturday morning cartoons I used to watch on TV as a child.

@Mike@Kev

thats a bit harsh, seeing that you have no idea what complexity arrangements are in place. There does seem to be this blinkered line of thought that size is everything.

Obviously length+complexity is better than length alone. But based on my personal experience when you forced user to used a long and complex password, the changes are they can’t remember it. System policy is one thing, user acceptance is another. More often than not if they can’t remember it they will write the password down. I have seen them do it, and know where their password is on physical medium. Furthermore long complex passwords will just tempt them to reuse the first few characters of the password. You can have the best system security but it’s useless if the users let you down.

Who's to blame?

Whenever data gets lost the knee-jerk reaction is to blame 'the government'; but just who is this government? Correct me if I'm wrong, but have any of these losses been down to an elected official? I'm pretty sure that most/all of them have been the fault of the civil service or private companies, both of whom would still be there even if the elected government was changed tomorrow!

That's not to say that I agree with the totalitarian databases being banded around at the moment, and the risks involved do scare me silly. But let's put the blame for the ideas, and the current losses, at the right doors please.

@Kev@Mike@Kev

Not harsh at all, either your passwords aren't protecting anything important (in which case your post is irrelevant) or you passwords are protecting something important, in which case the password strength is critical to protection of the data you are responsible for (and ultimately your job).

>you have no idea what complexity arrangements are in place

You said 8-10 digit alphanumeric, sounds like you're defining complexity, this obviously excludes special characters, immediately you are revealing some of your complexity arrangements, futhermore in your second post you say "tempt them to reuse the first few characters of the password" this indicates that users are allowed partial re-use, again I can garner some more information about your security (which sounds poor).

User password education is important, but it's not that difficult, give a user the password d0-@Qr-+S1[/^!+vP and you're asking for trouble, but enforce at least one special charater, at least one digit, no position re-use, minimum of 9 you have a strong password, then tell the user how to use word association and phrase acronyms as tecniques to remember them, then they don't do stupid things, if they *have* to write down passwords then educate them to write down something which reminds them of a password, or partial passwords, if the users let you down, it's your poor education, not them, they are like children, take some responsibility man.

This is all by the by anyway, we were talking about the passwords you have to remember, where's your excuse? if you are an admin (like you imply) why are you using and allowing your users to use weak passwords? are aren't you enforcing stronger passwords? (if you're that sloppy I wonder if you even enforce a regular password change or change all your passwords when another admin leaves) hope you work for some noddy organisation that doesn't do anything important or has any external auditing otherwise that job that you haven't been fired from yet could become one that you have been.

Are you sure

that it wasn't a privately owned drive, no one reported the drive missing & it was found in a pub car park complete with encryption keys, it sounds to me like someone was moonlighting as a tracer for a Debt Collection Agency rather than a genuine loss. And if the keys were there how would they know if the drive had been accessed?

IT's all rubbish

These events are another illustration of the fact that IT systems as they are today are fundamentally not design to protect data. All current data protection measures are merely layered on top of something (the operating system and its hardware) that was designed to make the copying and distribution of data as unrestricted as possible. Sure, you can apply a veneer of user permissions and so forth but by and large most data remains unguarded.

What's needed is IT systems for everyone where data is encrypted by default no matter where it is (RAM, hard disk, USB memory stick, CDR, in transit on a network, etc), and a proper crypto key distrubution scheme so that only designated people can read it. This means a complete re-write of existing operating systems, a massive redesign of existing hardware and a whole lot of industry and government concensus. Until that happens there will always be accidents such as this.

Data insecurity effects everyone, one way or another. So why isn't the IT industry doing something about it. Laziness? Lack of vision? Why aren't governments worldwide pressurising the industry to address the issue? Laziness? Lack of vision?

VPN?

Surely allowing them to take sensitive data out of the office in the first place is asking for trouble.

Haven't they heard of VPNs? You know, things like Citrix which allow users to access the corporate network from their home PC. And access the data remotely, over a secure connection...

Oh, of course, they'll be running Vista on their home PCs, which is incompatible with most VPN software...

The problem with taking data out of the office, even if it encrypted, is that the weak link will inevitably be the password. Too many people do not understand the concept of choosing a password that will simultaneously be easy for them to remember but difficult for others to guess. Having worked previously as a school sysadmin I've seen names, dates of birth, postcodes, telephone numbers, favourite football teams - none of which are mangled in any way whatsoever. And that's just the staff - who are likely to have sensitive data in their user areas! Once you get onto the pupils, you're likely to have "qwerty" or "abcdefg" as passwords - and one school, which didn't enforce minimum password length, had a sixth former whose password was 'a'. Unsurprisingly, his classmates frequently dipped into his account...

And of course if you enforce a password that's difficult for them to remember, chances are they'll have it written down somewhere...

@IT's all rubbish

So what if truly encryped systems were available? The government won't / can't pay for them. If you saw the crap they are using now you'd realise that.

There's a comment somewhere asking why it's always outsourcing companies that hit the headlines. It's because the government has outsourced pretty much every IT system there is. There's nobody left in the civil service who's accountable when things go wrong. I guess the government probably likes it that way - blame everyone and take no responsibility. If the government still took ownership of its IT, the same problems would still occur, but it wouldn't be able to point the blame elsewhere.